From 25f3d5c4347efd843c7c63d7ef04ccc7cedb35d8 Mon Sep 17 00:00:00 2001
From: Major Hayden <major@mhtx.net>
Date: Tue, 6 Dec 2016 11:11:06 -0600
Subject: [PATCH] [Docs] Exception: logging level

This patch adds docs to explain that CentOS/RHEL/Ubuntu already log
in a way that meets the STIG's requirements. Deployers should not need
to adjust these configurations unless their environment requires it.

Implements: blueprint security-rhel7-stig
Change-Id: Ibac4a1de917a67cb21494466bcabb746d3aaf540
---
 doc/metadata/rhel7/RHEL-07-040020.rst | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/doc/metadata/rhel7/RHEL-07-040020.rst b/doc/metadata/rhel7/RHEL-07-040020.rst
index 0e853f76..de55c597 100644
--- a/doc/metadata/rhel7/RHEL-07-040020.rst
+++ b/doc/metadata/rhel7/RHEL-07-040020.rst
@@ -1,7 +1,10 @@
 ---
 id: RHEL-07-040020
-status: not implemented
+status: exception - manual intervention
 tag: misc
 ---
 
-This STIG requirement is not yet implemented.
+Deployers should review their logging configuration to ensure it meets the
+requirements of the STIG. All operating systems supported by the role already
+log the ``auth``, ``authpriv``, and ``daemon`` facilities at the correct levels
+by default.